[LINUX] [AWS EC2] Add a user who can sudo like ec2-user

Overview

Add a sudo-enabled user in addition to ec2-user, the default user on Amazon Linux 2.

Environment

Procedure

1. Create a key pair from the AWS Management Console

  1. EC2 > Network & Security > Key Pair
  2. Create a key pair
  3. Enter the key pair name in the name field and create the key pair in pem format
  4. The pem file is downloaded; store it in a suitable location on your local PC

2. Get the public key from the key pair

Get the public key from the pem file downloaded in step 1. I wanted to use ssh-keygen and to access the downloaded file, so I used Ubuntu on WSL.

# I just want to get the public key, so create a suitable dir
$ mkdir sshkey

# Copy the pem file downloaded in step 1 from the Windows download folder
$ cp /mnt/d/Users/tamorieeeen/.ssh/ec2_keypair.pem sshkey/

# If the permissions are too loose, ssh-keygen complains like this
$ ssh-keygen -y -f sshkey/ec2_keypair.pem
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for 'sshkey/ec2_keypair.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "sshkey/ec2_keypair.pem": bad permissions

# Change the permissions of the pem file to get the public key
$ chmod 400 sshkey/ec2_keypair.pem
$ ssh-keygen -y -f sshkey/ec2_keypair.pem
ssh-rsa AAAABBBBCCCC…

3. Add a user on the server and register the ssh key

# Log in over ssh as ec2-user
$ sudo adduser tamorieeeen
$ sudo su - tamorieeeen
$ mkdir .ssh
$ chmod 700 .ssh/
$ touch .ssh/authorized_keys
$ chmod 600 .ssh/authorized_keys
$ vi .ssh/authorized_keys
# Paste the public key obtained in step 2, then save with :wq
$ exit

Add the user to the wheel group so that sudo works without a password

$ sudo usermod -aG wheel tamorieeeen
$ sudo visudo
# Uncomment the %wheel line below, then save with :wq
## Same thing without a password
%wheel        ALL=(ALL)       NOPASSWD: ALL

Confirm that the added user can connect over ssh, and you are done.
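
The key installation in step 3 and the %wheel edit can be scripted and checked afterwards. The following is an added example, not code from the original post; the function names and the sample key are constructed for illustration, and `stat -c` assumes GNU stat as on Amazon Linux 2.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Constructed sample key for the demo below; it is not a real key.
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyNotReal000000000000000 demo@example'

# Accept exactly one line of the form "<key type> <base64 blob> [comment]".
# Lines carrying options (command=..., from=...) or embedded newlines are rejected.
valid_pubkey() {
  [ "$(printf '%s\n' "$1" | wc -l)" -eq 1 ] &&
  printf '%s\n' "$1" | grep -Eq \
    '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( [^[:cntrl:]]*)?$'
}

# install_pubkey HOME_DIR PUBKEY: same modes as step 3 (700 / 600), and the key
# is appended only if that exact line is not already present.
install_pubkey() {
  valid_pubkey "$2" || { echo "refusing malformed public key" >&2; return 1; }
  ( umask 077
    mkdir -p "$1/.ssh" && chmod 700 "$1/.ssh" &&
    touch "$1/.ssh/authorized_keys" && chmod 600 "$1/.ssh/authorized_keys" &&
    { grep -qxF -- "$2" "$1/.ssh/authorized_keys" ||
      printf '%s\n' "$2" >> "$1/.ssh/authorized_keys"; } )
}

# Succeeds only if the modes match step 3 (uses GNU stat, as on Amazon Linux 2).
check_ssh_perms() {
  [ "$(stat -c %a "$1/.ssh")" = 700 ] &&
  [ "$(stat -c %a "$1/.ssh/authorized_keys")" = 600 ]
}

# Print the active (uncommented) NOPASSWD rules in a sudoers file. Once the
# %wheel line is uncommented it shows up here and covers every wheel member.
nopasswd_rules() {
  grep -E '^[[:space:]]*[^#[:space:]].*NOPASSWD' "$1"
}

# Demo in a throwaway directory, so it needs no root and touches no real account.
demo_home=$(mktemp -d)
install_pubkey "$demo_home" "$SAMPLE_KEY" && check_ssh_perms "$demo_home" &&
  echo "authorized_keys installed under $demo_home with modes 700/600"
```

On the server, run install_pubkey as the new user (after `sudo su - tamorieeeen`) with "$HOME" and the output of step 2, so the files end up owned by that user.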

